What troubleshooting skills does the CCNA exam test?
The CCNA 200-301 exam tests systematic troubleshooting skills across routing, switching, wireless, IP services, and network security. Candidates must diagnose connectivity issues by interpreting show commands, identifying misconfigurations, and tracing packet paths through network topologies. Approximately 25-30% of CCNA questions involve troubleshooting scenarios based on provided show command output.
The Cisco CCNA 200-301 examination places significant emphasis on troubleshooting skills. Unlike certification exams that focus purely on knowledge recall, CCNA regularly presents candidates with network scenarios, show command output, and topology diagrams, then asks them to identify the problem or the correct corrective action.
Developing strong troubleshooting skills also makes you more effective on the job from day one. Employers consistently report that candidates with genuine troubleshooting ability -- not just theoretical knowledge -- add immediate value. This guide covers systematic troubleshooting methodology and the most commonly tested troubleshooting scenarios across all CCNA domains.
Troubleshooting Methodology
The OSI Model as a Troubleshooting Framework
The OSI model provides a structured framework for isolating network problems. The two common approaches:
Bottom-up approach: Start at Layer 1 (Physical) and work upward.
- Layer 1: Are cables connected? Are LEDs indicating link? Is the interface administratively up?
- Layer 2: Is the MAC address table populated correctly? Are VLANs configured and active? Is STP blocking the correct port?
- Layer 3: Is there a route to the destination? Are IP addresses configured correctly? Is the default gateway correct?
- Layer 4: Is the correct port open? Is a firewall blocking the connection? Is the service listening?
- Layer 7: Is the application running? Are application credentials correct?
Top-down approach: Start at Layer 7 and work downward. Useful when you have application-specific symptoms and want to confirm higher-layer function before investigating infrastructure.
Divide and conquer: Start at a layer where you suspect the problem and work in both directions.
"The most common mistake in network troubleshooting is jumping to conclusions before gathering evidence. The show command output tells you what is actually configured and running, not what you think you configured. Read the output carefully before forming a hypothesis and test one change at a time." -- Network engineering mentor community
Essential Show Commands for CCNA Troubleshooting
Interface and Physical Layer Commands
| Command | Information Provided |
|---|---|
show interfaces |
Detailed interface status, errors, duplex, speed |
show interfaces status |
Summary of all interfaces with VLAN and duplex |
show ip interface brief |
IP addressing and interface up/down status |
show controllers |
Hardware-level interface information |
Common interface errors:
- Input errors / CRC errors: Physical layer issue (bad cable, duplex mismatch)
- Duplex mismatch: One side full-duplex, other half-duplex; causes late collisions and low throughput
- Output drops: Interface congested; QoS or traffic shaping needed
- Interface down/down: No physical connection or speed/duplex mismatch
Routing Troubleshooting Commands
show ip route ! Complete routing table
show ip route 10.1.1.0 ! Route for specific prefix
show ip protocols ! Routing protocol summary
show ip ospf neighbor ! OSPF neighbor relationships
show ip eigrp neighbors ! EIGRP neighbor relationships
show bgp summary ! BGP peer summary with prefixes received
ping 10.1.1.1 ! Basic connectivity test
traceroute 10.1.1.1 ! Path trace with hop-by-hop RTT
Switching Troubleshooting Commands
show mac address-table ! MAC address table
show vlan brief ! VLAN database and port assignments
show interfaces trunk ! Trunk configuration and allowed VLANs
show spanning-tree ! STP topology and port states
show cdp neighbors detail ! Discover connected devices
show etherchannel summary ! EtherChannel status
Common Troubleshooting Scenarios
Scenario 1: PC Cannot Communicate with Default Gateway
Systematic approach:
- Verify PC IP address, subnet mask, and default gateway are correctly configured
- Ping the default gateway from the PC -- if this fails, check Layer 1-3
- Check switch port:
show interfacesfor errors,show vlan brieffor correct VLAN assignment - Check router interface:
show ip interface brief-- interface must be up/up with correct IP - Check for ACL on router interface:
show ip interfaceshows inbound and outbound ACL names
Most common causes:
- PC assigned to wrong VLAN on switch access port
- Router sub-interface IP address in wrong subnet
- ACL blocking ICMP or management traffic
- Duplex mismatch on switch port
Scenario 2: OSPF Neighbors Not Forming
OSPF neighbor relationships fail when any of these parameters mismatch:
| Parameter | Issue | Command to Verify |
|---|---|---|
| Area number | Both sides must share same area | show ip ospf interface |
| Hello/dead timers | Must match on both sides | show ip ospf interface |
| Subnet mask | Must be identical | show interfaces |
| Authentication | Mismatch prevents adjacency | show ip ospf interface |
| Network type | Point-to-point vs. broadcast affects DR election | show ip ospf interface |
| MTU | Mismatched MTU prevents full adjacency | show ip ospf database |
"The single most common OSPF troubleshooting question on CCNA shows two routers with a neighbor relationship stuck in EXSTART or EXCHANGE state. This almost always means an MTU mismatch. The routers can exchange Hellos (they are neighbors) but cannot exchange Database Description packets because the DBD packets exceed the smaller MTU." -- CCNA exam community
Scenario 3: Inter-VLAN Routing Not Working
Router-on-a-stick troubleshooting:
- Verify trunk link between switch and router:
show interfaces trunkon switch - Verify sub-interfaces exist with correct encapsulation and IP:
show interfaceson router - Verify native VLAN matches between switch trunk and router main interface
- Verify VLAN exists in VLAN database:
show vlan brief
Layer 3 switch (SVI) troubleshooting:
- Verify SVI interface is up:
show ip interface brief-- "Vlan10" must be up/up - SVI comes up only when at least one port in the VLAN is active:
show vlan brief - Verify
ip routingis enabled:show running-config | include ip routing
Scenario 4: DHCP Not Working
DHCP server troubleshooting (when server is on a different subnet):
- Verify DHCP relay (ip helper-address) is configured on the client-side interface of the router
- Verify the helper-address points to the DHCP server IP
- Verify ACLs are not blocking UDP port 67/68
On the DHCP server:
show ip dhcp pool
show ip dhcp binding
show ip dhcp conflict
debug ip dhcp server events
Lab Practice Topology Recommendations
Core CCNA Lab Topology
A minimum lab topology for CCNA practice:
- 3-4 Cisco routers (IOS-XE preferred; CSR1000v in GNS3/EVE-NG)
- 2 Cisco switches (IOSv-L2 in GNS3/EVE-NG or physical 2960 switches)
- PC simulation (VPCS in GNS3 or simple loopback interfaces)
Practice Scenarios by Domain
| Domain | Lab Exercise | Time Estimate |
|---|---|---|
| Routing | Configure OSPF, EIGRP, and static routes; introduce deliberate errors and troubleshoot | 2-3 hours |
| Switching | Configure VLANs, trunks, SVIs, and STP; break and fix the topology | 2 hours |
| ACLs | Write standard and extended ACLs with specific permit/deny requirements | 1-2 hours |
| NAT | Configure PAT overload and verify with debug; troubleshoot failed translations | 1 hour |
| DHCP | Configure DHCP server and relay; simulate and troubleshoot DHCP failures | 1 hour |
| IPv6 | Configure dual-stack interfaces and OSPFv3; verify connectivity | 1-2 hours |
Free Lab Resources
Cisco Packet Tracer: Free Cisco simulation tool. Sufficient for most CCNA topics. Available to registered Cisco Networking Academy students (free registration available).
GNS3: Free network simulation platform supporting real Cisco IOS images. More realistic than Packet Tracer. Requires obtaining Cisco IOS images.
Cisco DevNet Sandbox: Free cloud-based lab environments including real IOS-XE devices. Limited session time but no local hardware required.
Cisco Modeling Labs Personal: Subscription-based virtual lab platform ($199/year). Best performance and most realistic simulation.
Frequently Asked Questions
How many troubleshooting questions are on the CCNA exam? There is no fixed count, but troubleshooting scenarios typically represent 25-30% of CCNA questions. These scenarios present show command output and network diagrams and ask candidates to identify the problem or select the correct remedy. Candidates who can quickly read and interpret show command output have a significant advantage on these questions.
What is the most effective way to build troubleshooting skills for CCNA? The most effective method is deliberate practice with broken topologies. Build a working network in GNS3 or Packet Tracer, then introduce specific faults (misconfigured VLAN, wrong OSPF area, mismatched subnet mask, blocked ACL) and practice identifying the fault from show command output alone before applying a fix. This mirrors exactly what the exam questions test.
Does CCNA include hands-on lab tasks or only multiple-choice questions? The standard CCNA 200-301 exam is multiple-choice and scenario-based but does not include live lab tasks. You will not be asked to type commands directly into a device. However, you will be shown show command output and asked to interpret it, and you may see simulations where you need to select the correct command to run. Some CCNA prep programs offer optional hands-on labs (Cisco CCNA Learning Path on NetAcad) that are excellent supplemental practice.
References
- Cisco. (2025). CCNA 200-301 Official Exam Topics. https://learningnetwork.cisco.com/s/ccna
- Odom, W. (2023). CCNA 200-301 Official Cert Guide, Volume 1. Cisco Press.
- Odom, W. (2023). CCNA 200-301 Official Cert Guide, Volume 2. Cisco Press.
- Cisco. (2025). Cisco IOS Show Commands Reference. https://www.cisco.com/c/en/us/support/docs/
- GNS3. (2025). GNS3 Network Simulation Platform. https://www.gns3.com/
- Cisco Networking Academy. (2025). Cisco Packet Tracer. https://www.netacad.com/courses/packet-tracer